[SERVER-26565] --keyFile /dev/stdin does not work Created: 11/Oct/16  Updated: 06/Dec/22

Status: Backlog
Project: Core Server
Component/s: Security
Affects Version/s: 3.2.10
Fix Version/s: None

Type: New Feature Priority: Minor - P4
Reporter: Serhat Dinçer Assignee: Backlog - Security Team
Resolution: Unresolved Votes: 1
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Assigned Teams:
Server Security
Participants:

 Description   

I would like to type the shared secret between members of a replica set on my terminal, and not leave a trace of it in a file on hard disk. So trying to read it from standard input does not work.
Reading from stdin solves my problem? I don't know.
Maybe a new option to read it from users in terminal would be better.



 Comments   
Comment by Spencer Jackson [ 13/Oct/16 ]

Hi! This does seem like it could be useful. Something that might work for you in the meantime, is using x509 cluster authentication with encrypted keys. If you then start your server without --sslPEMKeyPassword, you will be prompted to enter the password used to encrypt the keys. There is a known issue, SERVER-10346, which will cause you to be prompted multiple times. Enter your password each time you're prompted, and the server will start normally.

Generated at Thu Feb 08 04:12:31 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.